Postfix 无法通过 SASL 进行身份验证

我的系统是 Debian 7 又名 Wheezy，安装了 postfix、courier 和 mysql。Courier 运行良好，如果我发出

testsaslauthd -u user@domain -p password -f /var/spool/postfix/var/run/saslauthd/mux -s smtp

我得到一个

0: OK "Success."

但是，如果我使用以下方式获取 base64 编码的用户名/密码

echo -ne '\000user@domain\000password' | openssl base64

并尝试在 SMTP 会话中使用它

helo localhost
auth plain (output from above)

我总是得到

535 5.7.8 Error: authentication failed: authentication failure

我/var/log/syslog发现

Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: warning: SASL authentication failure: Password verification failed
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: warning: localhost[::1]: SASL plain authentication failed: authentication failure

并在 /var/log/auth.log 中

Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin Parse the username username@domain
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin try and connect to a host
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin trying to open db 'postfixadmin' on host '127.0.0.1'
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: begin transaction
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin create statement from userPassword username domain
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin doing query SELECT password FROM mailbox WHERE username="username@domain";
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: commit transaction
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin Parse the username username@domain
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin try and connect to a host
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin trying to open db 'postfixadmin' on host '127.0.0.1'
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin Parse the username username@domain
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin try and connect to a host
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin trying to open db 'postfixadmin' on host '127.0.0.1'
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: begin transaction
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin create statement from userPassword username domain
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin doing query SELECT password FROM mailbox WHERE username="username@domain";
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin create statement from cmusaslsecretPLAIN username domain
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin doing query SELECT password FROM mailbox WHERE username="username@domain";
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: commit transaction
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin Parse the username username@domain
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin try and connect to a host
Sep 29 21:49:34 (hostname obfuscated) postfix/smtpd[15814]: sql plugin trying to open db 'postfixadmin' on host '127.0.0.1'

我的 postfix 配置中的相关 SASL 条目：

# postconf | grep -e cyrus_sasl -e smtpd_sasl
cyrus_sasl_config_path =
send_cyrus_sasl_authzid = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = cyrus

有人能提示我如何分析或调试这个问题吗？

更新2014/10/01：经过多次尝试，我发现这肯定是从 mysql 数据库读取密码的问题。我编辑了一下/etc/postfix/sasl/smtpd.conf，在最后一行我写道

sql_select: SELECT 'some hard coded password' password FROM mailbox WHERE username="%u@%r"

现在它起作用了。然而，这显然不是我打算做什么。

第二次更新 2014/10/01：有趣的是...当 smtpd.conf 只包含

pwcheck_method: saslauthd
mech_list: plain login

一切正常！为我解决了问题。